Only 2 'Important' Items for Microsoft's September Security Update

Both bulletin items repair elevation of privilege flaws for Microsoft Developer Tools and Microsoft Server Software. And because neither have been designated "critical" (both are rated "important'), only apply after proper testing has concluded.

"Neither of the issues addressed is known to be under active exploit in the wild -- and, on another positive note, neither bulletin requires customers to restart their machines," wrote Microsoft's Angela Gunn in a blog post.

While the urgency to apply these two bulletins isn't as high as last month's security update, which featured five critical items, security researchers are warning that these security flaws should not be ignored.

"Both of these bulletins are pretty low risk to most organizations; however, employees should never be allowed to browse the Internet or check e-mail from servers that this software could reside on," said Marcus Carey, security researcher at Rapid7, in an e-mailed response. "To be able to exploit these vulnerabilities, an attacker would craft a malicious link for a victim to click on, allowing them to compromise the victim's system. It's always a good idea to educate employees/ end-users on how to spot and avoid suspect links."